I'm very much apprehensive about TFO. It falls in the same kind of risk category as TLS 1.3 0-RTT in that it will send data before a handshake has been completed. It can apparently also lead to stalls (the opposite of the intended effect) and I'd rather stick with completing a proper handshake before switching to the data transfer phase of a connection. Saving 1 round trip between server and client really isn't worth trying to push outside of safe, well-established protocols.

In addition, there is apparently a security concern (that I don't have access to, by the way) with it that has had Mozilla switch it off before Firefox 57 landed, and has not re-enabled it since in the almost 2 years that have passed.

Also, I don't see how it would "significantly accelerate the loading of sites". At most you'd be looking at a slightly decreased first data time per connection -- but since browsers use connection pools, potentially HTTP pipelining and HTTP/2 multiplexing of requests, as well as having much more latency in the protocols on top of TCP than TCP itself, the practical win for TFO is very underwhelming and IMHO should be reserved for specialized applications that use raw TCP in a timing-critical environment.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

Of course you're right.
It's just that I myself want my site to be the fastest and most convenient for visitors. My site is completely non-profit, I'm not selling anything. There is no advertising on the site. I just want as many people as possible to see friends in piglets, and not food!

Once more, compared to the rest of the protocol and data transfer, TFO will be insignificant.

Proof:

The indicated rows are the full 3-way handshake. The TCP connection is established in 51 ms without TFO from my location to yours. TLS Client Hello on its way after 54 ms and first encrypted data being sent by the browser after 109 ms.

Of note, Ping to your server is 49 ms, so we're looking at a single round trip to establish the TCP connection, and another single round trip to have TLS completely ready.

All this confirmed inside the browser with timings:

[Attachment: 3wHS-timings.png (browser connection timings)]

51 ms to establish connection, another 58 ms for establishing TLS, after which the browser waits 71 ms to be served your page's initial html.
This is then followed by being shoved 80 kB of CSS and 87 kB of JavaScript, which takes approx. 250 ms to parse before the rest of the content is loaded in parallel through a connection pool, which takes a total of 1.18 s before DOM content is loaded. Page load completes after 1.66 s. Effectively, TFO could maybe shave off half a round trip, i.e. ~ 25 ms, if you take the necessary processing and added complexity into account. If you don't have any stalls or async hangups because of this, that would mean at most saving 1.5% on the page load time with TFO. Is that worth the added risk, and potential loss if you have any hangups because data is sent prematurely? I think not.

1.5% is also not "significantly accelerating" anything. Even in the theoretical ideal situation of 3%, it's still not significant.

Off-topic: P.S.: While there I noticed that you are implementing a P3P header. Don't bother with that, it's a dead, unfinished spec not used by anyone; even the spec itself states: "The Technical Architecture Group (TAG) has discontinued work on this document. The specification should not be referenced in this form or implemented as-is."

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
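An added example, not written by anyone in this thread: a small Python script that reproduces the measurement in the post above with the standard library only (TCP connect time, TLS handshake time, time to first response byte), counts how many ping round trips each phase cost, and applies the same upper-bound estimate for TFO to the result. The host name, the HEAD request used to provoke a first byte, and the "half a round trip" fraction are assumptions taken for illustration; only the offline helpers run without network access.

```python
import socket
import ssl
import sys
import time


def time_phases(host, port=443, timeout=5.0):
    """Measure, in milliseconds, the phases discussed in the thread:
    TCP 3-way handshake (connect), TLS handshake, and time to the first
    response byte after a minimal request. Needs network access.
    The HEAD request is an assumption; any small request will do."""
    t0 = time.perf_counter()
    raw = socket.create_connection((host, port), timeout=timeout)
    t1 = time.perf_counter()
    ctx = ssl.create_default_context()
    tls = ctx.wrap_socket(raw, server_hostname=host)  # handshake completes here
    t2 = time.perf_counter()
    request = ("HEAD / HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n" % host).encode()
    tls.sendall(request)
    tls.recv(1)  # block until the first response byte arrives
    t3 = time.perf_counter()
    version = tls.version()  # e.g. "TLSv1.3"; read before close()
    tls.close()
    return {
        "tcp_ms": (t1 - t0) * 1000.0,
        "tls_ms": (t2 - t1) * 1000.0,
        "ttfb_ms": (t3 - t2) * 1000.0,
        "tls_version": version,
    }


def round_trips(phase_ms, rtt_ms):
    """Whole ping round trips a phase cost (nearest integer, at least one).
    A TCP handshake is one RTT; a TLS 1.3 handshake is one, TLS 1.2 two."""
    return max(1, round(phase_ms / rtt_ms))


def tfo_saving(tcp_ms, page_load_ms, rtt_fraction=0.5):
    """Upper bound on what TFO can shave off: a fraction of the TCP phase
    (the post above estimates half a round trip). Returns
    (saved_ms, share_of_page_load) so the reader can judge significance."""
    saved_ms = tcp_ms * rtt_fraction
    return saved_ms, saved_ms / page_load_ms


if __name__ == "__main__":
    # Usage: python tfo_phases.py example.org 49 1660
    # (host, measured ping RTT in ms, full page load in ms from the browser)
    host, rtt, page_load = sys.argv[1], float(sys.argv[2]), float(sys.argv[3])
    phases = time_phases(host)
    for name in ("tcp_ms", "tls_ms", "ttfb_ms"):
        print("%-8s %7.1f ms  (%d RTT)" % (name, phases[name], round_trips(phases[name], rtt)))
    saved, share = tfo_saving(phases["tcp_ms"], page_load)
    print("%s; TFO upper bound: %.1f ms, %.2f%% of page load" % (phases["tls_version"], saved, share * 100))
```

Run it once against a server with the browser's ping and page-load figures at hand; the printed share is the most TFO could buy for a single connection, before any connection reuse by the browser reduces it further.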

There's something I'm missing: if data is sent before the last ACK is sent, what happens if a delayed ACK from a previous connection arrives?
Is the protocol able to differentiate it? Given that data was sent already, I mean.
The wiki doesn't say anything, and maybe that's the cause of the reported hangs?

I just want as many people as possible to see friends in piglets, and not food!

Off-topic: I don't understand how people who can't think about eating dogs and cats can eat pigs. They're at about the same level of intelligence and self-consciousness as dogs.
Disclaimer: I'm not vegetarian. But dogs, cats, pigs, apes, dolphins, etc. are not food for me.